File _patchinfo of Package patchinfo.42300

<patchinfo incident="42300">
  <issue tracker="bnc" id="1248670">VUL-0: CVE-2025-38608: kernel live patch: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls</issue>
  <issue tracker="bnc" id="1250192">VUL-0: CVE-2025-39682: kernel live patch: tls: fix handling of zero-length records on the rx_list</issue>
  <issue tracker="bnc" id="1251787">VUL-0: CVE-2023-53676: kernel live patch: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()</issue>
  <issue tracker="bnc" id="1253437">VUL-0: CVE-2025-40204: kernel live patch: sctp: Fix MAC comparison to be constant-time</issue>
  <issue tracker="cve" id="2023-53676"/>
  <issue tracker="cve" id="2025-38608"/>
  <issue tracker="cve" id="2025-39682"/>
  <issue tracker="cve" id="2025-40204"/>
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <summary>Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise 15 SP6)</summary>
  <description>
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.65 fixes various security issues

The following security issues were fixed:

- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
</description>
</patchinfo>